package com.et114.components.crossscript;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

//@author guanhw for Corss Script 攻击
public final class CSRequestWrapper extends HttpServletRequestWrapper {
	
	public CSRequestWrapper ( HttpServletRequest servletRequest ) {
		super ( servletRequest );
	}
	
	public String [ ] getParameterValues ( String parameter ) {
		String [ ] values = super.getParameterValues ( parameter );
		if ( values == null ) {
			return null;
		}
		int count = values.length;
		String [ ] encodedValues = new String [ count ];
		for ( int i = 0 ; i < count ; i ++ ) {
			encodedValues [ i ] = CSUtils.cleanXSS ( values [ i ] );
		}
		return encodedValues;
	}
	
	public String getParameter ( String parameter ) {
		String value = super.getParameter ( parameter );
		if ( value == null ) {
			return null;
		}
		return CSUtils.cleanXSS ( value );
	}
	
	public String getHeader ( String name ) {
		String value = super.getHeader ( name );
		if ( value == null )
			return null;
		return CSUtils.cleanXSS ( value );
		
	}
	

}